4
CVEs
0
Critical
4
High
0
KEV
0
PoC
0
Unpatched C/H
100.0%
Patch Rate
0.0%
Avg EPSS
Severity Breakdown
CRITICAL
0
HIGH
4
MEDIUM
0
LOW
0
Monthly CVE Trend
Affected Products (13)
Indoor Connect 8855 Firmware
4
Ipecs Nms
4
Drutt Mobile Service Delivery Platform
3
Bscs Ix R18 Billing Rating Admx
2
Enterprise Content Management
2
Network Manager
2
Bscs Ix R18 Billing Rating Mx
2
Operations Support System Radio And Core Firmware
2
Open Redirect
1
PostgreSQL
1
Rx8200 Firmware
1
Network Location
1
Active Library Explorer
1
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-25657 | Denial of service in Ericsson Packet Core Gateway (PCG) versions prior to 1.30 allows an adjacent-network attacker to degrade service by continuously transmitting malformed messages that the gateway fails to parse safely. The condition causes recurring crashes that persist only while the attack is active, with automatic recovery once it stops, and no public exploit identified at time of analysis. | HIGH | 7.1 | 0.0% | 36 |
|
| CVE-2026-25658 | Denial of service in Ericsson Packet Core Gateway (PCG) versions prior to 1.30 allows adjacent network attackers to degrade service availability by continuously transmitting specially crafted messages that trigger improper handling of missing values (CWE-230). The affected PCG nodes crash repeatedly under sustained attack but self-recover once traffic stops, so impact is transient yet operationally significant for mobile core networks. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV. | HIGH | 7.1 | 0.0% | 36 |
|
| CVE-2026-25659 | Denial of service in Ericsson Packet Core Gateway (PCG) versions prior to 1.30 allows an adjacent-network attacker to degrade telecom packet core service by continuously sending a specially crafted message that triggers improper handling of missing values (CWE-230). The condition persists only while the attack is sustained - the system self-recovers once traffic stops - and no public exploit identified at time of analysis, but the CVSS 4.0 score of 7.1 reflects high availability impact on a carrier-grade network function. | HIGH | 7.1 | 0.0% | 36 |
|
| CVE-2025-59174 | Denial-of-service in Ericsson Packet Core Controller (PCC) versions prior to 1.39 allows an adjacent-network attacker without credentials to degrade service by flooding the controller with specially crafted messages. The CVSS 4.0 score of 7.1 reflects high availability impact with no confidentiality or integrity loss; no public exploit identified at time of analysis and the issue is not listed in CISA KEV. | HIGH | 7.1 | 0.0% | 36 |
|